ci: copy sbom in to image

telicent-oss · May 22, 2024 · d495260 · d495260
1 parent 081ec4b
commit d495260
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 28 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -70,31 +70,26 @@ jobs:
       APP_NAME: ${{ needs.get_variables.outputs.app_name }}
     secrets: inherit
 
-  # Do not run while testing vulnerability-scanning-on-repo
-  #
-  #  publish_build_image_to_registries:
-  #    needs:
-  #      - integrated_tests
-  #      - get_variables
-  #    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
-  #    with:
-  #      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
-  #      DOCKERFILE: Dockerfile.build
-  #      PATH: .
-  #      VERSION: ${{ needs.get_variables.outputs.version }}
-  #      VERSION_SUFFIX: -build
-  #      IMAGE_SUFFIX: -build
-  #    secrets: inherit
-  #
-  #  publish_deployment_image_to_registries:
-  #    needs:
-  #      - integrated_tests
-  #      - get_variables
-  #      - publish_build_image_to_registries
-  #    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
-  #    with:
-  #      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
-  #      DOCKERFILE: Dockerfile
-  #      PATH: .
-  #      VERSION: ${{ needs.get_variables.outputs.version }}
-  #    secrets: inherit
+  publish_build_image_to_registries:
+    needs:
+      - run_vulnerability_scan_on_repo 
+    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
+    with:
+      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
+      DOCKERFILE: Dockerfile.build
+      PATH: .
+      VERSION: ${{ needs.get_variables.outputs.version }}
+      VERSION_SUFFIX: -build
+      IMAGE_SUFFIX: -build
+    secrets: inherit
+
+  publish_deployment_image_to_registries:
+    needs:
+      - publish_build_image_to_registries
+    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
+    with:
+      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
+      DOCKERFILE: Dockerfile
+      PATH: .
+      VERSION: ${{ needs.get_variables.outputs.version }}
+    secrets: inherit
diff --git a/Dockerfile.build b/Dockerfile.build
@@ -17,6 +17,7 @@ COPY app.config.json .
 COPY index.html .
 COPY env.sh .
 COPY .env.default .env
+COPY instance.sbom.json ./cyclonedx-sbom.json
 RUN TRY_BUILD_ENV_CONFIG=false yarn build 
 
 # The prep for NEXT "runtime" stage in "Dockerfile"